<html>
<head>
<title>Listing</title>
</head>
<body>
<?php
if(isset($_GET['id']))
{
// if id is set then get the file with the id from database

include 'dbconnect.php';

$id    = $_GET['id'];
$name = $_GET['name'];

$query = "SELECT * " .
         "FROM VehicleForSale WHERE VehicleForSaleID = '$id'";

if ($result  = mysqli_query($mysql,$query)) {

    $row = mysqli_fetch_assoc($result);
	$owner = $row["NonAdmins_AllUsers_LoginID"];
    $make = $row["Make"];
    $img = $row["ImgName"];
    $model = $row["Model"];
    $year = $row["VehicleYear"];
    $price = $row["Price"];
    $mileage = $row["Mileage"];
    $color = $row["ExteriorColor"];
    $engine = $row["Engine"];
    $drivetrain = $row["DriverType"];
    $doors = $row["NoDoors"];
    $vin = $row["VIN"];
    $desc = $row["Description"];
    //echo $img;
    echo "<img src='$img'/><br />
    Make: $make<br />
    Model: $model<br />
    Year: $year<br />
    Price: $price<br />
    Mileage: $mileage<br />
    Color: $color<br />
    Engine: $engine<br />
    Drive Train: $drivetrain<br />
    Doors: $doors<br />
    VIN: $vin<br />
    Description: $desc<br />
    ";
	
	$existsQuery = "select count(*) from Bookmark where
	RegisteredUser_NonAdmins_AllUsers_LoginID = '$name' and
	VehicleForSale_VehicleForSaleID = $id";
	
	$result = mysqli_query( $mysql, $existsQuery );
	if(!$result)
		exit;
	
	$row = mysqli_fetch_row( $result );
	$count = $row[0];
	
	// bookmark doesnt exist add one
	if( $count == 0 )
	{
		echo '<form enctype="multipart/form-data" action="bookmark.php" method="POST">
			<input type="submit" value="bookmark" name="act_bookmark">
			<input type="hidden" name="user_name" value="'.$name.'">
			<input type="hidden" name="vehicle_id" value="'.$id.'">
			</form>';
	}
	
	$query = "select NonAdmins_AllUsers_LoginID from VehicleForSale where VehicleForSale_VehicleForSaleID = $id";
	$result = mysqli_query( $mysql, $existsQuery );
	if(!$result)
		exit;
	
	$row = mysqli_fetch_assoc( $result );
	$seller_name = $row["NonAdmins_AllUsers_LoginID"];
	
	echo '<form enctype="multipart/form-data" action="notify.php" method="POST">
	<input type="submit" value="notify seller" name="act_notify">
	<input type="hidden" name="user_name" value="'.$name.'">
	<input type="hidden" name="vehicle_id" value="'.$id.'">
	<input type="hidden" name="seller_name" value="'.$seller_name.'">
	</form>';
	
	if($name == $owner)
	{
		$query = "select * from AllUsers where LoginID = '$name'";
		$result = mysqli_query( $mysql, $query);
		if(!$result)
			exit;
	
		$row = mysqli_fetch_assoc( $result );
		$pass = $row["UserPassword"];
		
		echo '<form action="edit.php" method="POST">
		<input type="hidden" name="vehicle_id" value='.$id.'>
		<input type="hidden" name="name" value='.$owner.'>
		<input type="hidden" name="password" value='.$pass.'>
		<input type="submit" name="vehicle_edit" value="Edit Vehicle Profile">
		</form>
		';
		
		echo '<form action="edit.php" method="POST">
		<input type="hidden" name="vehicle_id" value='.$id.'>
		<input type="hidden" name="name" value='.$owner.'>
		<input type="hidden" name="password" value='.$pass.'>
		<input type="submit" name="vehicle_del" value="Delete Vehicle Profile">
		</form>
		';
		
	}
	
    

//list($name, $type, $size, $content) = mysqli_fetch_array($result);

//header("Content-length: $size");
//header("Content-type: $type");
//header("Content-Disposition: attachment; filename=$name");
//echo $content;
	
	$query = "select * from AllUsers where LoginID = '$name'";
	$result = mysqli_query( $mysql, $query);
	if(!$result)
		exit;
	
	$row = mysqli_fetch_assoc( $result );
	$pass = $row["UserPassword"];
	
	echo'<form enctype="multipart/form-data" action="login.php" method="POST">
	<input type="submit" value="Return To Profile">
	<input type="hidden" name="name" value='.$name.'>
	<input type="hidden" name="password" value='.$pass.'>
	</form>';

    mysqli_close($mysql);
    }
}

?>
</body>
</html>